Meeting of Brilliant Syche – IT Pro's Corner
Reading Time: 3 minutesStatus: Final Blueprint Author: Shahab Al Yamin Chawdhury Organization: Principal Architect & Consultant Group Research Date: 2024-07-25 Version: 1.0 Part 1: Strategic Foundations 1.1 Defining the Modern Marketing Management Suite (MMS) A modern MMS is an integrated platform that has Read More …
Reading Time: 6 minutesStatus: Final Blueprint (Summary) Author: Shahab Al Yamin Chawdhury Organization: Principal Architect & Consultant Group Research Date: June 1, 2024 Location: Dhaka, Bangladesh Version: 1.0 1. The Core Dilemma: Assessor vs. Builder Mindset We are observing worldwide adoption on CISSP Read More …
Reading Time: 3 minutesStatus: Final Blueprint Author: Shahab Al Yamin Chawdhury Organization: Principal Architect & Consultant Group Research Date: August 1, 2025 Location: Dhaka, Bangladesh Version: 1.0 1. The Strategic Imperative The operationalization of Cyber Threat Intelligence (CTI) is a strategic business necessity. Read More …
Reading Time: 4 minutesStatus: Final Blueprint Summary Author: Shahab Al Yamin Chawdhury Organization: Principal Architect & Consultant Group Research Date: March 1, 2022 Location: Dhaka, Bangladesh Version: 1.0 Part I: Foundational Blueprint Defining the Modern Architect: Beyond the Job Description The Cybersecurity Architect Read More …
Reading Time: 4 minutesStatus: Final Blueprint Author: Shahab Al Yamin Chawdhury Organization: Principal Architect & Consultant Group Research Date: July 23, 2025 Location: Dhaka, Bangladesh Version: 1.0 Executive Summary Continuous Threat Exposure Management (CTEM) marks a strategic evolution from reactive, incident-driven security to Read More …
Reading Time: 4 minutes1. Executive Summary This document outlines a comprehensive blueprint for Operations Support Systems (OSS) and Business Support Systems (BSS) requirements within modern enterprise applications. Traditionally the domain of telecommunications, the principles of OSS and BSS are now critical for any Read More …
Reading Time: 4 minutesStatus: Final Blueprint Author: Shahab Al Yamin Chawdhury Organization: Principal Architect & Consultant Group Research Date: July 21, 2025 Location: Dhaka, Bangladesh Version: 1.0 1. Executive Summary 2. Deep Dive: Laravel-Specific Concerns for Enterprise Use 3. Deep Dive: MySQL-Specific Concerns Read More …
Reading Time: 6 minutes1.0 Executive Summary & 2025-2026 Focus Areas This document provides a comprehensive, multi-domain blueprint of the modern cybersecurity landscape, designed for Chief Information Security Officers (CISOs) and security leadership. It maps critical functions, responsibilities, technologies, and metrics across all major Read More …
Reading Time: 4 minutesTable of Contents 1. Executive Summary Enterprises embracing two or more public clouds face unique security challenges: inconsistent controls, blind spots, and operational complexity. This report outlines a holistic architecture—spanning network fabric, resilient application platforms, identity-centric access, client-specific handling, and Read More …
Reading Time: 2 minutesA digital twin is a virtual representation of a real-world object, system, or process, designed to accurately reflect its physical counterpart. It uses real-time data from sensors and other sources to create a dynamic, constantly updating model that mirrors the physical entity. This Read More …
Reading Time: 8 minutesSIEM sizing is all about estimating the resources your Security Information and Event Management (SIEM) system that needs to handle log data efficiently—without overprovisioning or underestimating. The two key metrics used are: To calculate SIEM sizing, you typically keep the Read More …
Reading Time: 3 minutesMachine Identity Security (MIS) or Machine Identity Management (MIM) is another critical aspect of cybersecurity that focuses on securing and managing the digital identities of machines, such as servers, applications, and IoT devices, which is currently overlooked due to lack Read More …
Reading Time: 3 minutesProtecting an organization from DDoS attacks requires a multi-layered approach, including prevention, mitigation, and continuous monitoring. Here’s a breakdown of key strategies: Image Source: How Cloudflare auto-mitigated world record 3.8 Tbps DDoS attack Strategy 1. Preventing DDoS Attacks 2. Securing Read More …
Reading Time: 2 minutesLACP, or Link Aggregation Control Protocol, is required when you need to aggregate multiple physical links into a single logical link to enhance bandwidth, redundancy, and network reliability. This is typically needed when connecting servers or high-volume data transfers, or Read More …
Reading Time: 9 minutesImage Source: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication500-292.pdf Cloud computing has become an integral part of modern IT infrastructure, enabling enterprises to achieve scalability, efficiency, and agility. This paper discusses the Cloud Computing Reference Architecture (CCRA), including its key adoption requirements, standard bodies of knowledge Read More …
Reading Time: 3 minutesImage source: OCEG Organizations face unprecedented challenges in governance, risk management, and compliance (GRC). The increasing complexity of risks, regulations, and operational demands necessitates a modern, integrated approach to GRC. To connect the dots between risks, compliance, and other GRC elements that Read More …
Reading Time: 2 minutesCISO due diligence refers to the process a CISO (Chief Information Security Officer) and their team conduct to assess the cybersecurity posture and practices of an organization or third party, particularly during mergers and acquisitions, or before entering into a Read More …
Reading Time: 6 minutesAzure Data Lake Architecture Overview Data Sources: Ingestion Layer: Storage Layer: Processing Layer: Analytics & Serving Layer: Governance & Security: Monitoring: +——————-+ +——————-+ +——————-+ | Data Sources | —> | Ingestion Layer | —> | Storage Layer | | (Structured, Read More …
Reading Time: 7 minutesWireless Pre-Shared Key (PSK) A Pre-Shared Key (PSK) is a security mechanism used in Wi-Fi Protected Access (WPA) networks. It works by requiring both the wireless access point (AP) and the client device to have the same secret key before Read More …
Reading Time: 2 minutes(DSCP) is a crucial component in managing Quality of Service (QoS) in Cisco networking, allowing for effective traffic prioritization and classification. What is DSCP?DSCP is a 6-bit value in the IP header that replaces the older Type of Service (ToS) Read More …
Reading Time: 2 minutesEmphasizing on the technology requirements, implementation challenges, and platform security management: Image Source: Transportation | ITS Intelligent Transportation Solutions Overview The Automatic Car Toll System (ACTS) is an innovative solution aimed at streamlining toll collection processes for highways and bridges. Read More …
Reading Time: 4 minutesImage Source: TokenBasedAuthentication2.png (3121×1648) Developing an authentication server is a crucial part of building secure applications. Here’s a structured approach to creating one: 1. Define Your Authentication Method: Decide whether you’ll use: 2. Choose a Tech Stack: Pick a language Read More …
Reading Time: 5 minutesImage Source: What is OAuth? (An Introduction to OAuth and OpenID) – The Genius Blog OAuth 2.0 is a widely used authorization framework that enables secure access to resources without exposing user credentials. Here’s a breakdown of its architecture, possibilities Read More …
Reading Time: 2 minutesImage Source: https://www.okta.com/identity-101/what-is-ldap/ The Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry-standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. LDAP is based on a simpler subset of the standards Read More …
Reading Time: 4 minutesIntroduction In an era where cybersecurity threats are growing in complexity, organizations must continually adapt their security measures to protect sensitive information. Privileged Access Management (PAM) plays a critical role in safeguarding access to high-level accounts that control systems and Read More …
Reading Time: 2 minutesHID cards, produced by HID Global, are available in various types, primarily based on their technology and functionality. Common types include proximity cards, iCLASS smart cards, and more specialized cards like Seos and Clamshell cards. Here are some key points Read More …
Reading Time: 3 minutes1. Introduction With the increasing threats to online security, securing personal blogs is not just about maintaining content integrity but also ensuring protection against cyberattacks and compliance with global data privacy laws. This paper explores essential security mechanisms and compliance Read More …
Reading Time: 3 minutesA Data & Analytics Capability Model is a framework that organizations use to assess and improve their ability to leverage data and analytics for better decision-making and business outcomes. It outlines the various skills, processes, and technologies needed to effectively manage, analyze, Read More …
Reading Time: 3 minutesOrganizations face significant challenges in securing sensitive information while navigating an evolving threat landscape. Effective data security practices require a strategic approach to identify, assess, and mitigate risks. This concept paper explores key aspects of data security risks, solutions, and Read More …
Reading Time: 2 minutesIdentity Governance and Administration (IGA) is a framework that manages and controls user identities and access rights within an organization. It combines identity lifecycle management and access governance to ensure that users have the right access to resources at the Read More …
Reading Time: 3 minutesBackground: with an increasing demand for reliable internet services in Bangladesh, a twenty years ofd ISP aimed to differentiate itself by providing high-quality, affordable services while ensuring efficient operations and scalability. To achieve these goals, Enterprise Architecture (EA) was implemented Read More …
Reading Time: 2 minutesA structured outline of a software development team with their titles and job requirements: Software Development Team Requirements Responsibilities: Define product vision, strategy, and roadmap. Gather and prioritize product and customer requirements. Ensure alignment with business goals. Responsibilities: Plan, initiate, Read More …
Reading Time: 3 minutesIf you are an application developer, you know how important security is for your products. You want to protect your users’ data, your reputation, and your bottom line from malicious attacks. But security is not a one-time thing. It is Read More …
Reading Time: 2 minutesLet’s compare IBM QRadar and Splunk, two prominent players in the Security Information and Event Management (SIEM) space: Both QRadar and Splunk are excellent SIEM solutions, and the choice depends on your organization’s specific needs and existing technology stack. Consider factors like ease of Read More …
Reading Time: 2 minutesThe below picture illustrates operational architecture of the SIEM & SOAR in an integrated function: This is where the big picture comes in, from ingress to egress. As you can see in the picture the data collectors need to be configured in Read More …
Reading Time: < 1 minuteI have created this file long back and still am using it. Primary focus was to provide general user/technical users a standard laptop/desktop so that IT could manage these devices centrally rather having to cater to personal choices and end Read More …
Reading Time: < 1 minuteThis document is prepared for official needs, and is proven to be vital where a new or growing company needs to standardize their internal laptop’s OS. We were to choose a standardized OS that needs to be put in, into Read More …
Reading Time: < 1 minuteI have been continuously asked this question by my peers & juniors alike, but few seems to figure out the reality. Now, lets get into the business, first the basics: I believe everyone knows this: 8 bits = 1 byte Read More …
Reading Time: < 1 minuteDNS resource records can be used to provide DNS-based data about computers on a TCP/IP network. Well I don’t know if there is a network other than TCP/IP network, other than the internal isolated lab network for engineering purposes. Anyway, Read More …
Reading Time: < 1 minuteThe default DNS port is 53. You can view the dynamic port range on a computer that is running Windows Vista or Windows Server 2008 computer by using the following netsh commands: netsh int ipv4 show dynamicport tcp netsh int Read More …
Reading Time: 3 minutesMicrosoft has a tool and it’s so easy to make an ISO file to be transferred to a USB drive using the tool. It will readily create a USB bootable OS. Now download the file from the following link: Windows Read More …
Reading Time: < 1 minuteThe MDM solution provided by the N-Able company which is a sub of Solarwind. I was wondering if there are companies who are looking for an MDM solution based on their specific requirements. And being amazed that recently a company Read More …
Reading Time: < 1 minuteA two factor authentication requires a domain username and then followed by a password, and afterwards a Certificate PIN or RSA PIN or similar or identical featured access types. Now in Windows Servers, implementing a Smart Card feature or a Read More …
Reading Time: < 1 minuteAnd here goes the class notes for the second day, the IS Audit Process Part 1 & Part 2. Access the pdf file here: 02_CISA Training Notes_IS Audit Process P1&2
Reading Time: < 1 minuteAs you might have already know that CISA was an industry standard and becoming more and more popular as time passes. So, I got myself into the CISA training. The training conducted online with CBT Nuggets CISA training video. And Read More …
Reading Time: < 1 minuteThis brief solution document focuses on the deployment options regarding Lync 2010 in two physical servers. Hardware and Software Sizing as well as configuration are reflected within this document. This document also released in the Article section of this blog. Read More …
Reading Time: 2 minutesNumber One – Hardware: Is your hardware ready for the AD? How good are your sizing for this? Are they (PDC, BDC) going to be virtualized or not? Well in my opinion theres no need for deploying a stand alone Read More …
Reading Time: < 1 minuteAs a continual effort to let IT folks know that how these Exchange Server 2013 solution works, how to manage and maintain it. Microsoft released those video’s in the Channel9 site on October 2013. Content follows: Read More …
Reading Time: < 1 minuteThis video demonstrates Deploying Active Directory for a New Forest. My YouTube Link: https://www.youtube.com/watch?v=glH8mfw7IH8 And the video Follows:
Reading Time: 2 minutesI am sure most of you computer geeks out there knows about the Spanning Tree Protocol and how it works. So the basics here just for a heads up. STP is a network protocol standard set by IEEE. The purpose Read More …